Closed Bug 361517 Opened 18 years ago Closed 16 years ago

Don't fill in passwords / usernames in readonly fields.

Categories

(Toolkit :: Password Manager, defect)

1.8 Branch
defect
Not set
minor

RESOLVED FIXED
mozilla1.9.1b1

People

(Reporter: moscovic, Assigned: Dolske)

Attachments

(1 file, 1 obsolete file)

User-Agent:       Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1) Gecko/20061010 Firefox/2.0
Build Identifier: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1) Gecko/20061010 Firefox/2.0

If there is an input field like this:
<input type="password" name="password" value="password" readonly="readonly">
Firefox still remembers the password here...
Next time the page is loaded (e.g. for another user) the password is replaced by the remembered password even if there is a readonly attribute!

Passwords for readonly fields shouldn't be saved, because in that case the user cannot retype them!

Reproducible: Always

Steps to Reproduce:
1. Create a page with <input type="password" name="password" value="password" readonly="readonly">
2. Submit the page and let Firefox remember the password
3. Change the page to <input type="password" name="password" value="pass" readonly="readonly">


Actual Results:  
Load the page... Firefox will replace the password on load (the number of "stars" will change).
Submit the page and check that it passes the remembered password.


Expected Results:  
The expected result would be that the read-only password isn't offered for saving...
or
after loading and submitting the changed page, the passed password would be the new one.
*** Bug 331441 has been marked as a duplicate of this bug. ***
*** Bug 294458 has been marked as a duplicate of this bug. ***
*** Bug 312877 has been marked as a duplicate of this bug. ***
Just to be sure I'm working on the right problem: is the form where you see the problem password-only, with no username? And is your saved password from a password-only form, or with a blank username, or a username-password pair?

(Yes, we could just bail out whenever we see anything readonly, but that would sometimes be wrong, e.g. with a readonly prefilled username we know, and an unfilled non-readonly password.)
I don't really understand why the long-open and confirmed bugs 331441 (Opened: 2006-03-23), 312877 (Opened: 2005-10-18) and 294458 (Opened: 2005-05-17) were marked as duplicates of this one, which is marked as UNCONFIRMED.
You might have made a mistake.
They were all marked as duplicates of a bug which did fix their reported problem. They are marked as duplicates of a bug which (probably, though not certainly) will again fix their reported problem, in a different way. This is not an issue which is worth the death of several million electrons.
I don't see why the password manager shouldn't remember readonly fields. They are, after all, readable.

As for filling them in... I can see two sides to the issue. One is that we shouldn't modify a readonly field, because the user can't either. On the other hand, readonly fields are only a UI convention, and scripts have always been allowed to modify them.
Status: UNCONFIRMED → NEW
Ever confirmed: true
OS: Windows XP → All
Hardware: PC → All
Summary: saving and rewriting passwords in input type="password" with readonly="readonly" → should passwords be filled in for readonly pw fields?
Version: unspecified → 2.0 Branch
I have two problems with this issue:
1) What sense does a read-only password field make (i.e. what's a reasonable use case)? IMHO read-only fields are an _output_ aid, but with type "password" you won't actually see anything reasonable.
2) The password manager might _remember_ read-only fields, but it probably should not _fill in_ read-only fields. This is independent from the fact that a script might change them, because the "script" is expected to come from the same source as the rest of the HTTP application. The browser should not interfere with that in an unexpected way.
Random note: Camino bug 384635 was for filling in disabled fields, another case similar to this bug.
We just made a similar change to not fill in values that exceed an input's maxlength, which was beneficial for sites with mixed username/password + PIN logins. This change may have similar benefits.
Assignee: nobody → dolske
Summary: should passwords be filled in for readonly pw fields? → Don't fill in passwords / usernames in readonly fields.
Target Milestone: --- → Firefox 3 M10
Attached patch: Patch, work in progress v.1 (obsolete)
Untested, but it's simple enough. However, I think I should first shuffle some code around so the same thing happens when you (1) initially fill the form on page load and (2) perform an autocomplete entry. I'll file a blocking bug.
Depends on: 400795
Assignee: dolske → nobody
Target Milestone: Firefox 3 beta2 → ---
Attached patch: Patch v.2
Simpler version of last patch.
Assignee: nobody → dolske
Attachment #285848 - Attachment is obsolete: true
Status: NEW → ASSIGNED
Attachment #329275 - Flags: review?(gavin.sharp)
Target Milestone: --- → Firefox 3.1a1
No longer depends on: 400795
Product: Firefox → Toolkit
Whiteboard: [need review gavin]
Target Milestone: mozilla1.9.1a1 → mozilla1.9.1
Attachment #329275 - Flags: review?(gavin.sharp) → review+
Pushed changeset 9c433cbaff34.
Status: ASSIGNED → RESOLVED
Closed: 16 years ago
Flags: in-testsuite+
Resolution: --- → FIXED
Whiteboard: [need review gavin]
Target Milestone: mozilla1.9.1 → mozilla1.9.1b1
Depends on: 583578
duplicate bug
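
The fill policy discussed in this bug (leave readonly and disabled fields alone, respect maxlength, and still fill a writable password next to a readonly prefilled username), as an added example. It is not Mozilla's patch or password manager code; `planFill`, `isWritable`, `fits`, `field` and the plain-object field shape are hypothetical names chosen for illustration.

```javascript
// Added illustration of the fill policy discussed in this bug; not Mozilla's patch.
// A field is a plain object standing in for an <input> element (hypothetical
// shape): { value, readOnly, disabled, maxLength }, with maxLength -1 when unset.
const field = (value, attrs = {}) =>
  ({ value, readOnly: false, disabled: false, maxLength: -1, ...attrs });

function isWritable(f) {
  return Boolean(f) && !f.readOnly && !f.disabled;
}

function fits(f, text) {
  return f.maxLength < 0 || text.length <= f.maxLength;
}

// Returns the values to write into the form; null means "leave this field alone".
// `logins` is the list of saved { username, password } pairs for the origin.
function planFill(form, logins) {
  const none = { username: null, password: null };
  const u = form.usernameField;
  const p = form.passwordField;

  // The reported case: never overwrite a readonly (or disabled) password field.
  if (!isWritable(p)) return none;

  // Skip saved passwords longer than the field's maxlength (e.g. a PIN field).
  let candidates = logins.filter((l) => fits(p, l.password));

  if (u && u.value !== "") {
    // A username the page already shows selects the login; it is matched, not overwritten.
    candidates = candidates.filter((l) => l.username === u.value);
  } else if (isWritable(u)) {
    candidates = candidates.filter((l) => fits(u, l.username));
  }

  // Fill only when exactly one saved login remains.
  if (candidates.length !== 1) return none;
  const [login] = candidates;
  const fillUser = isWritable(u) && u.value === "";
  return { username: fillUser ? login.username : null, password: login.password };
}

// Constructed sample: one saved login, and the page from the report after step 3.
const saved = [{ username: "alice", password: "password" }];
const reported = { passwordField: field("pass", { readOnly: true }) };
console.log(planFill(reported, saved)); // nothing is filled
```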